Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Management
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
Bedrock Managed Service
Scalable support and on-demand expertise that seamlessly integrates with your existing operations.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social ResponsibilityCSR
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
7 December 2022

Cyber security lessons learnt from the 2022 FIFA World Cup

The FIFA World Cup is one of the biggest sporting events on the planet, drawing thousands of spectators from around the world. Qatar hosted this year's tournament and while most of the attention was focused on social-cultural norms expected to be observed, many worried about security risks associated with such a high profile event. This included concerns around cybercriminals who could take advantage of increased online traffic due to more applications being used for entry into both matches and the country itself.

Attendees were wary of what data these apps were collecting, yet at the same time downloading them was essential to watch matches in person or remotely. The potential dangers led to an emphasis on cyber security during this World Cup that applies even beyond match days. Based on the insights gained from this year’s competition, here are four important lessons we can all benefit from:

Be vigilant when using new apps

The official World Cup apps for ticketing and entry at Qatar were essential for all visiting supporters. However, several global authorities highlighted concerns about the extent of access that these apps demanded. Always check the access and data you are sharing with new apps, only have them installed for as long as you need them, and use a ‘blank’ phone for them if you’re unsure.

Only install apps from legitimate stores

There were many apps inspired by the FIFA World Cup released in 2022: ticketing, results apps, fantasy games and much more. However, there was also a spike in malicious app distribution, where apps downloaded away from app stores or from direct social media links lead to adware, malware and credential theft that is often undetectable. Make sure you only download apps from official app stores.

Watch out for phishing attempts

As with every major entertainment event, phishing attacks about the FIFA World Cup were rampant in 2022. If a cheap ticket, travel or hospitality deal seems too good to be true, it almost certainly is - especially relating to ‘corporate packages’ targeting businesses. If you receive any emails like this, always verify the sender and hover over links to check the destination. Delete the email if you aren’t 100% certain of its authenticity.

Only watch using verified sources

While many people wanted to watch the matches on a free stream, there were many malicious URLs online and on social media posing as streaming channels. They mainly targeted the countries where the tournament is being shown behind a paywall, and can carry highly damaging malware. When watching any entertainment events online, always stick to watching them on legitimate, verified sources.

While these security tips have been inspired by a sporting event, they are just as applicable outside of it – both at home and travelling abroad. Overall, knowing what steps to take when it comes to online safety can reduce your risk of a data breach or malicious attack so keep these lessons in mind both at work and at home.


Turnkey World Cup Blog Infographic (4)-1